DAY2™ adheres to a least-privileged permission model throughout all platform operations. Our goal is to ensure that our customers have complete control over the permissions they grant and to limit the scope of our access to each operation.
In DAY2™, we create a specific role with the bare minimum permissions and Service Principal/App Registration for the resource discovery. The custom RBAC roles that are associated with the Service Principal in your Azure subscription have the least necessary permissions.
These roles are created in your Azure subscription for Resource Discovery (Initial Resource Discovery and Real-Time Resource Discovery).
Described below are the custom RBAC permissions assigned to the service principal in the subscription.
For granular details of permissions for each of these areas, contact us at email@example.com.